• Journal of Practical Engineering Education
• /
• v.10 no.1
• /
• pp.1-7
• /
• 2018

The dual security system that manages user's account information and uses NFC and OTP has been proposed. It also enhances the security of the user authentication phase by using the features that recognize within the range of less than 1m of NFC and the high security of NFC itself. During the graduation work design process which was carried out for one year and six months in a group of two in the electronics engineering major of the four-year undergraduate system was conducted. In the interim results, we participated in the conferences and thesis contest at the Institute of related to major for three times. Finally passed the examination process for three times judged by 6 professors in the major. The results were published in a graduation thesis together with other people who passed and composed in thesis form. Through the experience gained through these stages of design and production, it has gained the confidence to gain employment opportunities and actively pursue the growth stage, and presented a methodology to practice engineering education through employment.

• Convergence Security Journal
• /
• v.15 no.1
• /
• pp.91-104
• /
• 2015

Korea Privative security regulation was enacted in 1976 and which was revised 18 times. But most of the revision was made by outer forces but not by for the law itself. Now more than 39 years since the law was enacted and 63 years modern private security method was adopted. In this point of time being requires well equipped private security regulation would be revised to match with much changed society. First, there is a problem with the current ways of education, written examination. Second, security guard supervisor examination subject should be revised, which means overlapped subjects must be eliminated. Third, collective civil petition place has to be arranged.

• Journal of Software Engineering Society
• /
• v.25 no.1
• /
• pp.19-28
• /
• 2012

Personal registration number has been used as a means of personal identification on existing internet. However, its use on internet sites has become a major factor increasing danger of leaking of personal information. Presently, the government recommends i-PIN to minimize the collection of personal registration numbers and leaking of personal information on internet. Original purpose of i-PIN is to recognize persons by its virtual number of 13 digits instead of using personal registration number on internet websites. These days, i-PIN continues to be used increasingly as a form of certification. This study seeks to explore software service methodology of using i-PIN as a form of certification on internet websites and examples in which its other forms of self certification are used than existing i-PIN services.

• Convergence Security Journal
• /
• v.18 no.5_1
• /
• pp.59-66
• /
• 2018

The performance of a network intrusion detection system using the machine learning method depends heavily on the composition and the size of the feature set. The detection accuracy, such as the detection rate or the false positive rate, of the system relies on the feature composition. And the time it takes to train and detect depends on the size of the feature set. Therefore, in order to enable the system to detect intrusions in real-time, the feature set to beused should have a small size as well as an appropriate composition. In this paper, we show that the size of the feature set can be further reduced without decreasing the detection rate through using Pearson correlation coefficient between features along with the multi-objective genetic algorithm which was used to shorten the size of the feature set in previous work. For the evaluation of the proposed method, the experiments to classify 10 kinds of attacks and benign traffic are performed against NSL_KDD data set.

• Convergence Security Journal
• /
• v.18 no.2
• /
• pp.159-166
• /
• 2018

The purpose of this study is to investigate the effect of selection motivation on the NCS curriculum and career decision of the students in security related department. The contents of the questionnaire consisted of "First, Motivation to select major, Second, NCS curriculum, Third, Career decision". In this study, Chronbach's Alpha coefficients were presented to analyze the reliability of variables and exploratory factors, and the Berimax method was performed. The AVE and CR values of the items were calculated to be 0.5 and 0.7, respectively. Therefore, it was analyzed that the Intensive feasibility of items were well-focused. As a result of the hypothesis test, the standardized coefficients were calculated as follows: 'Selective motivation ⇨ NCS curriculum' is 0.563, 'NCS curriculum ⇨ career decision' is 1.339. The relationship between the two hypotheses was found to be positive (+). In order to improve the career decision of students in security related departments, it seems necessary to raise the motivation of selection and to improve the satisfaction of NCS curriculum.

• KIPS Transactions on Computer and Communication Systems
• /
• v.8 no.5
• /
• pp.119-126
• /
• 2019

Typical software developed and used by North Korea is Red Star and internal application software. However, most of the existing research on the North Korean software is the software installation method and general execution screen analysis. One of the ways to identify software vulnerabilities is file fuzzing, which is a typical method for identifying security vulnerabilities. In this paper, we use file fuzzing to analyze the security vulnerability of the software used in North Korea's Seogwang Document Processing System. At this time, we propose the analysis of open document text (ODT) file produced by Seogwang Document Processing System, extraction of node based on Document Object Mode (DOM) to determine test target, and generation of mutation file through insertion and substitution, this increases the number of crash detections at the same testing time.

• Smart Media Journal
• /
• v.10 no.3
• /
• pp.48-53
• /
• 2021

The authentication process is a key step that should be used to verify that a user is legitimate, and it should be used to verify that a user is a legitimate user and grant access only to that user. Recently, two-factor authentication and OTP schemes are used by most applications to add a layer of security to the login process and to address the vulnerability of using only one factor for authentication, but this method also allows access to user accounts without permission. This is a known security vulnerability. In this paper, we propose a Zero Knowledge Proofs (ZKP) personal information authentication scheme based on a Smart Contract of a block chain that authenticates users with minimal personal information exposure conditions. This has the advantage of providing many security technologies to the authentication process based on blockchain technology, and that personal information authentication can be performed more safely than the existing authentication method.

• Journal of the Korea Convergence Society
• /
• v.12 no.1
• /
• pp.11-17
• /
• 2021

If a vulnerability in the software connected to the network to obtain the user's privilege, a remote attacker could gain the privilege to use the computer. In addition, in a user environment in which an operating system for a specific series is used a lot, if a problem occurs in the operating system, considerable damage can occur. In particular, If an error is a security vulnerability, it can be a very big problem. Various studies have been conducted to find and respond to vulnerabilities in such a situation. Among various security technologies, the fuzzing technology is one of the most effective technologies to find errors in software. In this paper, I designed and implemented a fuzzing agent that can detect buffer overflow vulnerabilities that can occur in various applications. Through this fuzzing agent, application developers will be able to realize a more secure computing environment in which they can discover and fix vulnerabilities in their own applications.

• Advanced Industrial SCIence
• /
• v.3 no.3
• /
• pp.8-13
• /
• 2024

Zero Knowledge Proof (ZKP) is an innovative decentralized technology designed to enhance the privacy and security of virtual currency transactions. By ensuring that only the necessary information is disclosed by the transaction provider, ZKP protects the confidentiality of all parties involved. This ensures that both the identity of the transacting parties and the transaction value remain confidential.ZKP not only provides a robust privacy function by concealing the identities and values involved in blockchain transactions but also facilitates the exchange of money between parties without the need to verify each other's identity. This anonymity feature is crucial in promoting trust and security in financial transactions, making ZKP a pivotal technology in the realm of virtual currencies. In the context of the Fourth Industrial Revolution, the application of ZKP contributes significantly to the comprehensive and stable development of financial services. It fosters a trustworthy user environment by ensuring that transaction privacy is maintained, thereby encouraging broader adoption of virtual currencies. By integrating ZKP, financial services can achieve a higher level of security and trust, essential for the continued growth and innovation within the sector.

• Korean Security Journal
• /
• no.54
• /
• pp.37-56
• /
• 2018

Safety is considered as a very important factor when tourists select tourist spots, which means that the desire for safety in the tourism industry is very high. Therefore, a specialized field for the safety of the tourism industry is necessary. Already, there are staff members who are responsible for safety in various tourism sectors, but they have been led through knowledge based on work experience without professional education. In order to train specialists who are responsible for the safety of the tourism industry, research in related fields is indispensable, and universities in charge of research and education systematically construct surveys of related fields, and through experts I have to train. In the field meaning tourism security, there is Hospitality Security. Hospitality means 'to hospitality', 'to be entertaining', Hospitality Industry is used to cover the tourism industry in its exhaustive sense. Security is a term that refers to safety and security. Therefore, Hospitality Security which the two meanings together, that is, korean word hospitality security, tourism security can be said. Already in the US experts in the field of Hospitality Security explained the importance through related books. Currently in Korea, well-known tourism related universities operate subjects in the Hospitality field, and the security field also manages subjects at several universities. So, We collected the subjects managed at each university, analyzed them, and selected subjects of Hospitality Security. If the results of research through continuous research accumulate, the value as academic will be further increased, and it will be possible to have a role responsible for the safety of the tourism industry by producing experts accordingly.